‍

Elasticsearch is, at its core, a distributed, RESTful search and analytics engine built on top of Lucene. It provides a highly scalable, near real-time search platform with capabilities that support multitenant-capable full-text search, structured search, and analytics.

In the following sections, we’ll walk you through the steps of setting up and configuring Elasticsearch on a Rocky Linux 8 server.

Section 1: Prerequisites

Before we get started, there are a few requirements you need to take into consideration:

1. A server running Rocky Linux 8.
2. At least 2GB of RAM and 2 CPUs.
3. A non-root sudo user.

Given the fact that Elasticsearch requires approximately 1GB of RAM by default, it’s important to ensure that you have sufficient resources available. If your environment is memory-constrained, you might need to enable swap.

Section 2: Installing Required Tools

Before we can install Elasticsearch, it’s advised to have a user-friendly text editor installed on your server. By default, Rocky Linux 8 comes with the vi text editor, which, while powerful, can be somewhat challenging for less experienced users. For this reason, we recommend installing nano: sudo dnf install nano -y

Section 3: Installing Elasticsearch

Elasticsearch components are not available in Rocky’s default package repositories. Instead, they can be obtained from repositories maintained by the Elasticsearch project itself.

First, import the Elasticsearch public GPG key:

rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

Then, create a new repository file called elasticsearch.repo in the /etc/yum.repos.d/ directory: sudo nano /etc/yum.repos.d/elasticsearch.repo

In the newly created file, insert the following lines: [elasticsearch]

name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=0
autorefresh=1
type=rpm-md

Finally, you can proceed with the installation of Elasticsearch:sudo dnf install –enablerepo=elasticsearch elasticsearch

Confirm the installation when prompted.

Section 4: Configuring Elasticsearch

Elasticsearch’s main configuration file, elasticsearch.yml, is located in the /etc/elasticsearch directory. This file contains various configurable parameters that can be adjusted according to your needs.sudo nano /etc/elasticsearch/elasticsearch.yml

Find the line that specifies network.host, uncomment it, and replace its value with localhost:network.host: localhost

Save and close the file.

Section 5: Starting Elasticsearch

Now that the initial configuration is complete, we can start Elasticsearch: sudo systemctl start elasticsearch

To ensure that Elasticsearch starts automatically at system boot, enable it using the following command:sudo systemctl enable elasticsearch

Section 6: Securing Elasticsearch

By default, anyone who can access the HTTP API can control Elasticsearch. However, with the configuration we’ve performed, Elasticsearch is set to listen only on localhost.

If you need to allow remote access to the HTTP API, you can limit the network exposure with firewalld.

Section 7: Testing Your Installation

With Elasticsearch running, you can test it by making an HTTP GET request to localhost:9200 using

curl:curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200

If the response is similar to the one below, Elasticsearch is working as expected:

{ "name" : "elasticrocky", "cluster_name" : "elasticsearch", "cluster_uuid" : "_hb4dLuuR-ipiloXHT_AMw", "version" : { "number" : "8.5.3", "build_flavor" : "default", "build_type" : "rpm", "build_hash" : "4ed5ee9afac63de92ec98f404ccbed7d3ba9584e", "build_date" : "2022-12-05T18:22:22.226119656Z", "build_snapshot" : false, "lucene_version" : "9.4.2", "minimum_wire_compatibility_version" : "7.17.0", "minimum_index_compatibility_version" : "7.0.0" }, "tagline" : "You Know, for Search"}

Section 8: Using Elasticsearch

Elasticsearch uses a RESTful API, which means it responds to the usual CRUD (Create, Read, Update, Delete) commands. To interact with the API, we’ll use curl.

Here’s an example of how to add an entry:

curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X PUT "https://localhost:9200/test/_doc/1?pretty" -k -H 'Content-Type: application/json' -d '{"counter" : 1, "tags" : ["red"]}'

And here’s how to fetch an entry:

curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X GET "https://localhost:9200/test/_doc/1?pretty" -k -H 'Content-Type: application/json'

Lastly, here’s how to update an existing entry:

curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X PUT "https://localhost:9200/test/_doc/1?pretty" -k -H 'Content-Type: application/json' -d '{"counter" : 1, "tags" : ["blue"]}'

Section 9: Conclusion

Congrats! You’ve now successfully installed, configured, and begun using Elasticsearch on Rocky Linux 8. This will help you make the most of your data by allowing you to search, analyze, and visualize it in real time.

Section 10: Additional Resources

For more detailed information and advanced configuration options, you can refer to the official Elasticsearch documentation.

Section 11: Using Shape.host for Hosting Elasticsearch

If you’re looking for a reliable hosting provider for your Elasticsearch setup, consider Shape.host. They offer excellent cloud hosting solutions, including SSD Linux VPS, which can be an excellent platform for hosting Elasticsearch.

Section 12: Final Thoughts

While this guide focused on configuring Elasticsearch on Rocky Linux 8, the steps should be similar for other Linux distributions. Keep in mind that the specifics may vary based on your unique server environment and Elasticsearch use case.

Understanding and properly configuring Elasticsearch can enhance your ability to work with large volumes of data, and extract valuable insights from it. This open-source tool, when used effectively, can be a powerful addition to your data analysis toolkit.